Mercurial Mercurial > openttd-ottdgrfs / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
(svn r2831) Fix some potential and real buffer overflows
authortron
Sun, 07 Aug 2005 14:18:17 +0000
changeset 2307 63e18261a7e7
parent 2306 3d4efe849dd9
child 2308 4ed48829d8e8
(svn r2831) Fix some potential and real buffer overflows
settings.c file | annotate | diff | comparison | revisions
settings.h file | annotate | diff | comparison | revisions
settings_gui.c file | annotate | diff | comparison | revisions 
--- a/settings.c	Sun Aug 07 12:41:57 2005 +0000
+++ b/settings.c	Sun Aug 07 14:18:17 2005 +0000
@@ -524,6 +524,7 @@
 	case SDT_STRINGBUF:
 	case SDT_STRINGQUOT:
 	case SDT_INTLIST:
+	case SDT_CHAR:
 		return str;
 	}
 
@@ -589,6 +590,11 @@
 		case SDT_STRINGQUOT:
 			if (p) ttd_strlcpy((char*)ptr, p, desc->flags >> 16);
 			break;
+
+		case SDT_CHAR:
+			*(char*)ptr = *(char*)p;
+			break;
+
 		case SDT_INTLIST: {
 			if (!load_intlist(p, ptr, desc->flags >> 16, desc->flags >> 4 & 7))
 				ShowInfoF("ini: error in array '%s'", desc->name);
@@ -713,6 +719,10 @@
 		case SDT_INTLIST:
 			make_intlist(buf, ptr, desc->flags >> 16, desc->flags >> 4 & 7);
 			break;
+
+		case SDT_CHAR:
+			sprintf(buf, "\"%c\"", *(char*)ptr);
+			break;
 		}
 		// the value is different, that means we have to write it to the ini
 		item->value = pool_strdup(&ini->pool, buf, strlen(buf));
@@ -990,11 +1000,11 @@
 };
 
 static const SettingDesc currency_settings[] = {
-	{ "rate",      SDT_UINT16,                  (void*)1,   &_custom_currency.rate,      NULL },
-	{ "separator", SDT_STRINGQUOT | (2) << 16,  ".",        &_custom_currency.separator, NULL },
-	{ "to_euro",   SDT_UINT16,                  (void*)0,   &_custom_currency.to_euro,   NULL },
-	{ "prefix",    SDT_STRINGQUOT | (16) << 16, NULL,       &_custom_currency.prefix,    NULL },
-	{ "suffix",    SDT_STRINGQUOT | (16) << 16, " credits", &_custom_currency.suffix,    NULL },
+	{ "rate",      SDT_UINT16,                                               (void*)1,   &_custom_currency.rate,      NULL },
+	{ "separator", SDT_CHAR,                                                 ".",        &_custom_currency.separator, NULL },
+	{ "to_euro",   SDT_UINT16,                                               (void*)0,   &_custom_currency.to_euro,   NULL },
+	{ "prefix",    SDT_STRINGQUOT | lengthof(_custom_currency.prefix) << 16, NULL,       &_custom_currency.prefix,    NULL },
+	{ "suffix",    SDT_STRINGQUOT | lengthof(_custom_currency.suffix) << 16, " credits", &_custom_currency.suffix,    NULL },
 	{ NULL, 0, NULL, NULL, NULL }
 };
 
--- a/settings.h	Sun Aug 07 12:41:57 2005 +0000
+++ b/settings.h	Sun Aug 07 14:18:17 2005 +0000
@@ -12,6 +12,7 @@
 	SDT_STRINGBUF,
 	SDT_INTLIST,
 	SDT_STRINGQUOT, // string with quotation marks around it
+	SDT_CHAR,
 
 	SDT_INT8 = 0 << 4,
 	SDT_UINT8 = 1 << 4,
--- a/settings_gui.c	Sun Aug 07 12:41:57 2005 +0000
+++ b/settings_gui.c	Sun Aug 07 14:18:17 2005 +0000
@@ -1319,7 +1319,7 @@
 	DrawStringCentered(x+15, y+1, STR_681A, 0);
 }
 
-char _str_separator[2];
+static char _str_separator[2];
 
 static void CustCurrencyWndProc(Window *w, WindowEvent *e)
 {
@@ -1467,7 +1467,7 @@
 				break;
 				case 1: /* Thousands seperator */
 					_custom_currency.separator = (b[0] == '\0') ? ' ' : b[0];
-					ttd_strlcpy(_str_separator, b, 16);
+					ttd_strlcpy(_str_separator, b, lengthof(_str_separator));
 				break;
 				case 2: /* Currency prefix */
 					ttd_strlcpy(_custom_currency.prefix, b, lengthof(_custom_currency.prefix));
openttd-ottdgrfs